Lines Matching refs:cc
74 struct crypt_config *cc; member
102 int (*ctr)(struct crypt_config *cc, struct dm_target *ti,
104 void (*dtr)(struct crypt_config *cc);
105 int (*init)(struct crypt_config *cc);
106 int (*wipe)(struct crypt_config *cc);
107 int (*generator)(struct crypt_config *cc, u8 *iv,
109 int (*post)(struct crypt_config *cc, u8 *iv,
244 static struct scatterlist *crypt_get_sg_data(struct crypt_config *cc,
247 static bool crypt_integrity_aead(struct crypt_config *cc);
252 static struct crypto_skcipher *any_tfm(struct crypt_config *cc) in any_tfm() argument
254 return cc->cipher_tfm.tfms[0]; in any_tfm()
257 static struct crypto_aead *any_tfm_aead(struct crypt_config *cc) in any_tfm_aead() argument
259 return cc->cipher_tfm.tfms_aead[0]; in any_tfm_aead()
318 static int crypt_iv_plain_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_plain_gen() argument
321 memset(iv, 0, cc->iv_size); in crypt_iv_plain_gen()
327 static int crypt_iv_plain64_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_plain64_gen() argument
330 memset(iv, 0, cc->iv_size); in crypt_iv_plain64_gen()
336 static int crypt_iv_plain64be_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_plain64be_gen() argument
339 memset(iv, 0, cc->iv_size); in crypt_iv_plain64be_gen()
341 *(__be64 *)&iv[cc->iv_size - sizeof(u64)] = cpu_to_be64(dmreq->iv_sector); in crypt_iv_plain64be_gen()
346 static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_essiv_gen() argument
353 memset(iv, 0, cc->iv_size); in crypt_iv_essiv_gen()
359 static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti, in crypt_iv_benbi_ctr() argument
365 if (crypt_integrity_aead(cc)) in crypt_iv_benbi_ctr()
366 bs = crypto_aead_blocksize(any_tfm_aead(cc)); in crypt_iv_benbi_ctr()
368 bs = crypto_skcipher_blocksize(any_tfm(cc)); in crypt_iv_benbi_ctr()
385 cc->iv_gen_private.benbi.shift = 9 - log; in crypt_iv_benbi_ctr()
390 static void crypt_iv_benbi_dtr(struct crypt_config *cc) in crypt_iv_benbi_dtr() argument
394 static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_benbi_gen() argument
399 memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */ in crypt_iv_benbi_gen()
401 val = cpu_to_be64(((u64)dmreq->iv_sector << cc->iv_gen_private.benbi.shift) + 1); in crypt_iv_benbi_gen()
402 put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64))); in crypt_iv_benbi_gen()
407 static int crypt_iv_null_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_null_gen() argument
410 memset(iv, 0, cc->iv_size); in crypt_iv_null_gen()
415 static void crypt_iv_lmk_dtr(struct crypt_config *cc) in crypt_iv_lmk_dtr() argument
417 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk; in crypt_iv_lmk_dtr()
427 static int crypt_iv_lmk_ctr(struct crypt_config *cc, struct dm_target *ti, in crypt_iv_lmk_ctr() argument
430 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk; in crypt_iv_lmk_ctr()
432 if (cc->sector_size != (1 << SECTOR_SHIFT)) { in crypt_iv_lmk_ctr()
445 if (cc->key_parts == cc->tfms_count) { in crypt_iv_lmk_ctr()
452 crypt_iv_lmk_dtr(cc); in crypt_iv_lmk_ctr()
460 static int crypt_iv_lmk_init(struct crypt_config *cc) in crypt_iv_lmk_init() argument
462 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk; in crypt_iv_lmk_init()
463 int subkey_size = cc->key_size / cc->key_parts; in crypt_iv_lmk_init()
467 memcpy(lmk->seed, cc->key + (cc->tfms_count * subkey_size), in crypt_iv_lmk_init()
473 static int crypt_iv_lmk_wipe(struct crypt_config *cc) in crypt_iv_lmk_wipe() argument
475 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk; in crypt_iv_lmk_wipe()
483 static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv, in crypt_iv_lmk_one() argument
487 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk; in crypt_iv_lmk_one()
526 memcpy(iv, &md5state.hash, cc->iv_size); in crypt_iv_lmk_one()
531 static int crypt_iv_lmk_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_lmk_gen() argument
539 sg = crypt_get_sg_data(cc, dmreq->sg_in); in crypt_iv_lmk_gen()
541 r = crypt_iv_lmk_one(cc, iv, dmreq, src + sg->offset); in crypt_iv_lmk_gen()
544 memset(iv, 0, cc->iv_size); in crypt_iv_lmk_gen()
549 static int crypt_iv_lmk_post(struct crypt_config *cc, u8 *iv, in crypt_iv_lmk_post() argument
559 sg = crypt_get_sg_data(cc, dmreq->sg_out); in crypt_iv_lmk_post()
561 r = crypt_iv_lmk_one(cc, iv, dmreq, dst + sg->offset); in crypt_iv_lmk_post()
565 crypto_xor(dst + sg->offset, iv, cc->iv_size); in crypt_iv_lmk_post()
571 static void crypt_iv_tcw_dtr(struct crypt_config *cc) in crypt_iv_tcw_dtr() argument
573 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_dtr()
585 static int crypt_iv_tcw_ctr(struct crypt_config *cc, struct dm_target *ti, in crypt_iv_tcw_ctr() argument
588 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_ctr()
590 if (cc->sector_size != (1 << SECTOR_SHIFT)) { in crypt_iv_tcw_ctr()
595 if (cc->key_size <= (cc->iv_size + TCW_WHITENING_SIZE)) { in crypt_iv_tcw_ctr()
607 tcw->iv_seed = kzalloc(cc->iv_size, GFP_KERNEL); in crypt_iv_tcw_ctr()
610 crypt_iv_tcw_dtr(cc); in crypt_iv_tcw_ctr()
618 static int crypt_iv_tcw_init(struct crypt_config *cc) in crypt_iv_tcw_init() argument
620 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_init()
621 int key_offset = cc->key_size - cc->iv_size - TCW_WHITENING_SIZE; in crypt_iv_tcw_init()
623 memcpy(tcw->iv_seed, &cc->key[key_offset], cc->iv_size); in crypt_iv_tcw_init()
624 memcpy(tcw->whitening, &cc->key[key_offset + cc->iv_size], in crypt_iv_tcw_init()
630 static int crypt_iv_tcw_wipe(struct crypt_config *cc) in crypt_iv_tcw_wipe() argument
632 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_wipe()
634 memset(tcw->iv_seed, 0, cc->iv_size); in crypt_iv_tcw_wipe()
640 static int crypt_iv_tcw_whitening(struct crypt_config *cc, in crypt_iv_tcw_whitening() argument
644 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_whitening()
678 static int crypt_iv_tcw_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_tcw_gen() argument
682 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw; in crypt_iv_tcw_gen()
689 sg = crypt_get_sg_data(cc, dmreq->sg_in); in crypt_iv_tcw_gen()
691 r = crypt_iv_tcw_whitening(cc, dmreq, src + sg->offset); in crypt_iv_tcw_gen()
697 if (cc->iv_size > 8) in crypt_iv_tcw_gen()
699 cc->iv_size - 8); in crypt_iv_tcw_gen()
704 static int crypt_iv_tcw_post(struct crypt_config *cc, u8 *iv, in crypt_iv_tcw_post() argument
715 sg = crypt_get_sg_data(cc, dmreq->sg_out); in crypt_iv_tcw_post()
717 r = crypt_iv_tcw_whitening(cc, dmreq, dst + sg->offset); in crypt_iv_tcw_post()
723 static int crypt_iv_random_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_random_gen() argument
727 get_random_bytes(iv, cc->iv_size); in crypt_iv_random_gen()
731 static int crypt_iv_eboiv_ctr(struct crypt_config *cc, struct dm_target *ti, in crypt_iv_eboiv_ctr() argument
734 if (crypt_integrity_aead(cc)) { in crypt_iv_eboiv_ctr()
739 if (crypto_skcipher_blocksize(any_tfm(cc)) != cc->iv_size) { in crypt_iv_eboiv_ctr()
747 static int crypt_iv_eboiv_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_eboiv_gen() argument
750 struct crypto_skcipher *tfm = any_tfm(cc); in crypt_iv_eboiv_gen()
761 req = kmalloc(reqsize + cc->iv_size, GFP_NOIO); in crypt_iv_eboiv_gen()
768 memset(buf, 0, cc->iv_size); in crypt_iv_eboiv_gen()
769 *(__le64 *)buf = cpu_to_le64(dmreq->iv_sector * cc->sector_size); in crypt_iv_eboiv_gen()
771 sg_init_one(&src, page_address(ZERO_PAGE(0)), cc->iv_size); in crypt_iv_eboiv_gen()
772 sg_init_one(&dst, iv, cc->iv_size); in crypt_iv_eboiv_gen()
773 skcipher_request_set_crypt(req, &src, &dst, cc->iv_size, buf); in crypt_iv_eboiv_gen()
781 static void crypt_iv_elephant_dtr(struct crypt_config *cc) in crypt_iv_elephant_dtr() argument
783 struct iv_elephant_private *elephant = &cc->iv_gen_private.elephant; in crypt_iv_elephant_dtr()
789 static int crypt_iv_elephant_ctr(struct crypt_config *cc, struct dm_target *ti, in crypt_iv_elephant_ctr() argument
792 struct iv_elephant_private *elephant = &cc->iv_gen_private.elephant; in crypt_iv_elephant_ctr()
803 r = crypt_iv_eboiv_ctr(cc, ti, NULL); in crypt_iv_elephant_ctr()
805 crypt_iv_elephant_dtr(cc); in crypt_iv_elephant_ctr()
953 static int crypt_iv_elephant(struct crypt_config *cc, struct dm_crypt_request *dmreq) in crypt_iv_elephant() argument
955 struct iv_elephant_private *elephant = &cc->iv_gen_private.elephant; in crypt_iv_elephant()
971 *(__le64 *)es = cpu_to_le64(dmreq->iv_sector * cc->sector_size); in crypt_iv_elephant()
989 sg = crypt_get_sg_data(cc, dmreq->sg_out); in crypt_iv_elephant()
995 sg2 = crypt_get_sg_data(cc, dmreq->sg_in); in crypt_iv_elephant()
997 memcpy(data_offset, data2 + sg2->offset, cc->sector_size); in crypt_iv_elephant()
1002 diffuser_disk_to_cpu((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1003 diffuser_b_decrypt((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1004 diffuser_a_decrypt((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1005 diffuser_cpu_to_disk((__le32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1008 for (i = 0; i < (cc->sector_size / 32); i++) in crypt_iv_elephant()
1012 diffuser_disk_to_cpu((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1013 diffuser_a_encrypt((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1014 diffuser_b_encrypt((u32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1015 diffuser_cpu_to_disk((__le32 *)data_offset, cc->sector_size / sizeof(u32)); in crypt_iv_elephant()
1026 static int crypt_iv_elephant_gen(struct crypt_config *cc, u8 *iv, in crypt_iv_elephant_gen() argument
1032 r = crypt_iv_elephant(cc, dmreq); in crypt_iv_elephant_gen()
1037 return crypt_iv_eboiv_gen(cc, iv, dmreq); in crypt_iv_elephant_gen()
1040 static int crypt_iv_elephant_post(struct crypt_config *cc, u8 *iv, in crypt_iv_elephant_post() argument
1044 return crypt_iv_elephant(cc, dmreq); in crypt_iv_elephant_post()
1049 static int crypt_iv_elephant_init(struct crypt_config *cc) in crypt_iv_elephant_init() argument
1051 struct iv_elephant_private *elephant = &cc->iv_gen_private.elephant; in crypt_iv_elephant_init()
1052 int key_offset = cc->key_size - cc->key_extra_size; in crypt_iv_elephant_init()
1054 return crypto_skcipher_setkey(elephant->tfm, &cc->key[key_offset], cc->key_extra_size); in crypt_iv_elephant_init()
1057 static int crypt_iv_elephant_wipe(struct crypt_config *cc) in crypt_iv_elephant_wipe() argument
1059 struct iv_elephant_private *elephant = &cc->iv_gen_private.elephant; in crypt_iv_elephant_wipe()
1062 memset(key, 0, cc->key_extra_size); in crypt_iv_elephant_wipe()
1063 return crypto_skcipher_setkey(elephant->tfm, key, cc->key_extra_size); in crypt_iv_elephant_wipe()
1131 static bool crypt_integrity_aead(struct crypt_config *cc) in crypt_integrity_aead() argument
1133 return test_bit(CRYPT_MODE_INTEGRITY_AEAD, &cc->cipher_flags); in crypt_integrity_aead()
1136 static bool crypt_integrity_hmac(struct crypt_config *cc) in crypt_integrity_hmac() argument
1138 return crypt_integrity_aead(cc) && cc->key_mac_size; in crypt_integrity_hmac()
1142 static struct scatterlist *crypt_get_sg_data(struct crypt_config *cc, in crypt_get_sg_data() argument
1145 if (unlikely(crypt_integrity_aead(cc))) in crypt_get_sg_data()
1157 if (!bio_sectors(bio) || !io->cc->on_disk_tag_size) in dm_crypt_integrity_io_alloc()
1164 tag_len = io->cc->on_disk_tag_size * (bio_sectors(bio) >> io->cc->sector_shift); in dm_crypt_integrity_io_alloc()
1166 bip->bip_iter.bi_sector = io->cc->start + io->sector; in dm_crypt_integrity_io_alloc()
1176 static int crypt_integrity_ctr(struct crypt_config *cc, struct dm_target *ti) in crypt_integrity_ctr() argument
1179 struct blk_integrity *bi = blk_get_integrity(cc->dev->bdev->bd_disk); in crypt_integrity_ctr()
1188 if (bi->tag_size != cc->on_disk_tag_size || in crypt_integrity_ctr()
1189 bi->tuple_size != cc->on_disk_tag_size) { in crypt_integrity_ctr()
1193 if (1 << bi->interval_exp != cc->sector_size) { in crypt_integrity_ctr()
1198 if (crypt_integrity_aead(cc)) { in crypt_integrity_ctr()
1199 cc->integrity_tag_size = cc->on_disk_tag_size - cc->integrity_iv_size; in crypt_integrity_ctr()
1201 cc->integrity_tag_size, cc->integrity_iv_size); in crypt_integrity_ctr()
1203 if (crypto_aead_setauthsize(any_tfm_aead(cc), cc->integrity_tag_size)) { in crypt_integrity_ctr()
1207 } else if (cc->integrity_iv_size) in crypt_integrity_ctr()
1209 cc->integrity_iv_size); in crypt_integrity_ctr()
1211 if ((cc->integrity_tag_size + cc->integrity_iv_size) != bi->tag_size) { in crypt_integrity_ctr()
1223 static void crypt_convert_init(struct crypt_config *cc, in crypt_convert_init() argument
1234 ctx->cc_sector = sector + cc->iv_offset; in crypt_convert_init()
1238 static struct dm_crypt_request *dmreq_of_req(struct crypt_config *cc, in dmreq_of_req() argument
1241 return (struct dm_crypt_request *)((char *)req + cc->dmreq_start); in dmreq_of_req()
1244 static void *req_of_dmreq(struct crypt_config *cc, struct dm_crypt_request *dmreq) in req_of_dmreq() argument
1246 return (void *)((char *)dmreq - cc->dmreq_start); in req_of_dmreq()
1249 static u8 *iv_of_dmreq(struct crypt_config *cc, in iv_of_dmreq() argument
1252 if (crypt_integrity_aead(cc)) in iv_of_dmreq()
1254 crypto_aead_alignmask(any_tfm_aead(cc)) + 1); in iv_of_dmreq()
1257 crypto_skcipher_alignmask(any_tfm(cc)) + 1); in iv_of_dmreq()
1260 static u8 *org_iv_of_dmreq(struct crypt_config *cc, in org_iv_of_dmreq() argument
1263 return iv_of_dmreq(cc, dmreq) + cc->iv_size; in org_iv_of_dmreq()
1266 static __le64 *org_sector_of_dmreq(struct crypt_config *cc, in org_sector_of_dmreq() argument
1269 u8 *ptr = iv_of_dmreq(cc, dmreq) + cc->iv_size + cc->iv_size; in org_sector_of_dmreq()
1274 static unsigned int *org_tag_of_dmreq(struct crypt_config *cc, in org_tag_of_dmreq() argument
1277 u8 *ptr = iv_of_dmreq(cc, dmreq) + cc->iv_size + in org_tag_of_dmreq()
1278 cc->iv_size + sizeof(uint64_t); in org_tag_of_dmreq()
1283 static void *tag_from_dmreq(struct crypt_config *cc, in tag_from_dmreq() argument
1289 return &io->integrity_metadata[*org_tag_of_dmreq(cc, dmreq) * in tag_from_dmreq()
1290 cc->on_disk_tag_size]; in tag_from_dmreq()
1293 static void *iv_tag_from_dmreq(struct crypt_config *cc, in iv_tag_from_dmreq() argument
1296 return tag_from_dmreq(cc, dmreq) + cc->integrity_tag_size; in iv_tag_from_dmreq()
1299 static int crypt_convert_block_aead(struct crypt_config *cc, in crypt_convert_block_aead() argument
1311 BUG_ON(cc->integrity_iv_size && cc->integrity_iv_size != cc->iv_size); in crypt_convert_block_aead()
1314 if (unlikely(bv_in.bv_len & (cc->sector_size - 1))) in crypt_convert_block_aead()
1317 dmreq = dmreq_of_req(cc, req); in crypt_convert_block_aead()
1319 if (test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags)) in crypt_convert_block_aead()
1320 dmreq->iv_sector >>= cc->sector_shift; in crypt_convert_block_aead()
1323 *org_tag_of_dmreq(cc, dmreq) = tag_offset; in crypt_convert_block_aead()
1325 sector = org_sector_of_dmreq(cc, dmreq); in crypt_convert_block_aead()
1326 *sector = cpu_to_le64(ctx->cc_sector - cc->iv_offset); in crypt_convert_block_aead()
1328 iv = iv_of_dmreq(cc, dmreq); in crypt_convert_block_aead()
1329 org_iv = org_iv_of_dmreq(cc, dmreq); in crypt_convert_block_aead()
1330 tag = tag_from_dmreq(cc, dmreq); in crypt_convert_block_aead()
1331 tag_iv = iv_tag_from_dmreq(cc, dmreq); in crypt_convert_block_aead()
1340 sg_set_buf(&dmreq->sg_in[1], org_iv, cc->iv_size); in crypt_convert_block_aead()
1341 sg_set_page(&dmreq->sg_in[2], bv_in.bv_page, cc->sector_size, bv_in.bv_offset); in crypt_convert_block_aead()
1342 sg_set_buf(&dmreq->sg_in[3], tag, cc->integrity_tag_size); in crypt_convert_block_aead()
1346 sg_set_buf(&dmreq->sg_out[1], org_iv, cc->iv_size); in crypt_convert_block_aead()
1347 sg_set_page(&dmreq->sg_out[2], bv_out.bv_page, cc->sector_size, bv_out.bv_offset); in crypt_convert_block_aead()
1348 sg_set_buf(&dmreq->sg_out[3], tag, cc->integrity_tag_size); in crypt_convert_block_aead()
1350 if (cc->iv_gen_ops) { in crypt_convert_block_aead()
1352 if (cc->integrity_iv_size && bio_data_dir(ctx->bio_in) != WRITE) { in crypt_convert_block_aead()
1353 memcpy(org_iv, tag_iv, cc->iv_size); in crypt_convert_block_aead()
1355 r = cc->iv_gen_ops->generator(cc, org_iv, dmreq); in crypt_convert_block_aead()
1359 if (cc->integrity_iv_size) in crypt_convert_block_aead()
1360 memcpy(tag_iv, org_iv, cc->iv_size); in crypt_convert_block_aead()
1363 memcpy(iv, org_iv, cc->iv_size); in crypt_convert_block_aead()
1366 aead_request_set_ad(req, sizeof(uint64_t) + cc->iv_size); in crypt_convert_block_aead()
1369 cc->sector_size, iv); in crypt_convert_block_aead()
1371 if (cc->integrity_tag_size + cc->integrity_iv_size != cc->on_disk_tag_size) in crypt_convert_block_aead()
1372 memset(tag + cc->integrity_tag_size + cc->integrity_iv_size, 0, in crypt_convert_block_aead()
1373 cc->on_disk_tag_size - (cc->integrity_tag_size + cc->integrity_iv_size)); in crypt_convert_block_aead()
1376 cc->sector_size + cc->integrity_tag_size, iv); in crypt_convert_block_aead()
1392 if (!r && cc->iv_gen_ops && cc->iv_gen_ops->post) in crypt_convert_block_aead()
1393 r = cc->iv_gen_ops->post(cc, org_iv, dmreq); in crypt_convert_block_aead()
1395 bio_advance_iter(ctx->bio_in, &ctx->iter_in, cc->sector_size); in crypt_convert_block_aead()
1396 bio_advance_iter(ctx->bio_out, &ctx->iter_out, cc->sector_size); in crypt_convert_block_aead()
1401 static int crypt_convert_block_skcipher(struct crypt_config *cc, in crypt_convert_block_skcipher() argument
1415 if (unlikely(bv_in.bv_len & (cc->sector_size - 1))) in crypt_convert_block_skcipher()
1418 dmreq = dmreq_of_req(cc, req); in crypt_convert_block_skcipher()
1420 if (test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags)) in crypt_convert_block_skcipher()
1421 dmreq->iv_sector >>= cc->sector_shift; in crypt_convert_block_skcipher()
1424 *org_tag_of_dmreq(cc, dmreq) = tag_offset; in crypt_convert_block_skcipher()
1426 iv = iv_of_dmreq(cc, dmreq); in crypt_convert_block_skcipher()
1427 org_iv = org_iv_of_dmreq(cc, dmreq); in crypt_convert_block_skcipher()
1428 tag_iv = iv_tag_from_dmreq(cc, dmreq); in crypt_convert_block_skcipher()
1430 sector = org_sector_of_dmreq(cc, dmreq); in crypt_convert_block_skcipher()
1431 *sector = cpu_to_le64(ctx->cc_sector - cc->iv_offset); in crypt_convert_block_skcipher()
1438 sg_set_page(sg_in, bv_in.bv_page, cc->sector_size, bv_in.bv_offset); in crypt_convert_block_skcipher()
1441 sg_set_page(sg_out, bv_out.bv_page, cc->sector_size, bv_out.bv_offset); in crypt_convert_block_skcipher()
1443 if (cc->iv_gen_ops) { in crypt_convert_block_skcipher()
1445 if (cc->integrity_iv_size && bio_data_dir(ctx->bio_in) != WRITE) { in crypt_convert_block_skcipher()
1446 memcpy(org_iv, tag_iv, cc->integrity_iv_size); in crypt_convert_block_skcipher()
1448 r = cc->iv_gen_ops->generator(cc, org_iv, dmreq); in crypt_convert_block_skcipher()
1452 if (test_bit(CRYPT_ENCRYPT_PREPROCESS, &cc->cipher_flags)) in crypt_convert_block_skcipher()
1455 if (cc->integrity_iv_size) in crypt_convert_block_skcipher()
1456 memcpy(tag_iv, org_iv, cc->integrity_iv_size); in crypt_convert_block_skcipher()
1459 memcpy(iv, org_iv, cc->iv_size); in crypt_convert_block_skcipher()
1462 skcipher_request_set_crypt(req, sg_in, sg_out, cc->sector_size, iv); in crypt_convert_block_skcipher()
1469 if (!r && cc->iv_gen_ops && cc->iv_gen_ops->post) in crypt_convert_block_skcipher()
1470 r = cc->iv_gen_ops->post(cc, org_iv, dmreq); in crypt_convert_block_skcipher()
1472 bio_advance_iter(ctx->bio_in, &ctx->iter_in, cc->sector_size); in crypt_convert_block_skcipher()
1473 bio_advance_iter(ctx->bio_out, &ctx->iter_out, cc->sector_size); in crypt_convert_block_skcipher()
1480 static int crypt_alloc_req_skcipher(struct crypt_config *cc, in crypt_alloc_req_skcipher() argument
1483 unsigned int key_index = ctx->cc_sector & (cc->tfms_count - 1); in crypt_alloc_req_skcipher()
1486 ctx->r.req = mempool_alloc(&cc->req_pool, in_interrupt() ? GFP_ATOMIC : GFP_NOIO); in crypt_alloc_req_skcipher()
1491 skcipher_request_set_tfm(ctx->r.req, cc->cipher_tfm.tfms[key_index]); in crypt_alloc_req_skcipher()
1499 kcryptd_async_done, dmreq_of_req(cc, ctx->r.req)); in crypt_alloc_req_skcipher()
1504 static int crypt_alloc_req_aead(struct crypt_config *cc, in crypt_alloc_req_aead() argument
1508 ctx->r.req_aead = mempool_alloc(&cc->req_pool, in_interrupt() ? GFP_ATOMIC : GFP_NOIO); in crypt_alloc_req_aead()
1513 aead_request_set_tfm(ctx->r.req_aead, cc->cipher_tfm.tfms_aead[0]); in crypt_alloc_req_aead()
1521 kcryptd_async_done, dmreq_of_req(cc, ctx->r.req_aead)); in crypt_alloc_req_aead()
1526 static int crypt_alloc_req(struct crypt_config *cc, in crypt_alloc_req() argument
1529 if (crypt_integrity_aead(cc)) in crypt_alloc_req()
1530 return crypt_alloc_req_aead(cc, ctx); in crypt_alloc_req()
1532 return crypt_alloc_req_skcipher(cc, ctx); in crypt_alloc_req()
1535 static void crypt_free_req_skcipher(struct crypt_config *cc, in crypt_free_req_skcipher() argument
1538 struct dm_crypt_io *io = dm_per_bio_data(base_bio, cc->per_bio_data_size); in crypt_free_req_skcipher()
1541 mempool_free(req, &cc->req_pool); in crypt_free_req_skcipher()
1544 static void crypt_free_req_aead(struct crypt_config *cc, in crypt_free_req_aead() argument
1547 struct dm_crypt_io *io = dm_per_bio_data(base_bio, cc->per_bio_data_size); in crypt_free_req_aead()
1550 mempool_free(req, &cc->req_pool); in crypt_free_req_aead()
1553 static void crypt_free_req(struct crypt_config *cc, void *req, struct bio *base_bio) in crypt_free_req() argument
1555 if (crypt_integrity_aead(cc)) in crypt_free_req()
1556 crypt_free_req_aead(cc, req, base_bio); in crypt_free_req()
1558 crypt_free_req_skcipher(cc, req, base_bio); in crypt_free_req()
1564 static blk_status_t crypt_convert(struct crypt_config *cc, in crypt_convert() argument
1568 unsigned int sector_step = cc->sector_size >> SECTOR_SHIFT; in crypt_convert()
1581 r = crypt_alloc_req(cc, ctx); in crypt_convert()
1589 if (crypt_integrity_aead(cc)) in crypt_convert()
1590 r = crypt_convert_block_aead(cc, ctx, ctx->r.req_aead, tag_offset); in crypt_convert()
1592 r = crypt_convert_block_skcipher(cc, ctx, ctx->r.req, tag_offset); in crypt_convert()
1658 static void crypt_free_buffer_pages(struct crypt_config *cc, struct bio *clone);
1682 struct crypt_config *cc = io->cc; in crypt_alloc_buffer() local
1691 mutex_lock(&cc->bio_alloc_lock); in crypt_alloc_buffer()
1693 clone = bio_alloc_bioset(cc->dev->bdev, nr_iovecs, io->base_bio->bi_opf, in crypt_alloc_buffer()
1694 GFP_NOIO, &cc->bs); in crypt_alloc_buffer()
1707 if (unlikely(percpu_counter_read_positive(&cc->n_allocated_pages) + in crypt_alloc_buffer()
1714 percpu_counter_add(&cc->n_allocated_pages, 1 << order); in crypt_alloc_buffer()
1721 pages = mempool_alloc(&cc->page_pool, gfp_mask); in crypt_alloc_buffer()
1723 crypt_free_buffer_pages(cc, clone); in crypt_alloc_buffer()
1738 crypt_free_buffer_pages(cc, clone); in crypt_alloc_buffer()
1744 mutex_unlock(&cc->bio_alloc_lock); in crypt_alloc_buffer()
1749 static void crypt_free_buffer_pages(struct crypt_config *cc, struct bio *clone) in crypt_free_buffer_pages() argument
1756 percpu_counter_sub(&cc->n_allocated_pages, in crypt_free_buffer_pages()
1760 mempool_free(&fi.folio->page, &cc->page_pool); in crypt_free_buffer_pages()
1766 static void crypt_io_init(struct dm_crypt_io *io, struct crypt_config *cc, in crypt_io_init() argument
1769 io->cc = cc; in crypt_io_init()
1794 struct crypt_config *cc = io->cc; in crypt_dec_pending() local
1802 cc->on_disk_tag_size && bio_data_dir(base_bio) == READ) { in crypt_dec_pending()
1811 crypt_free_req(cc, io->ctx.r.req, base_bio); in crypt_dec_pending()
1814 mempool_free(io->integrity_metadata, &io->cc->tag_pool); in crypt_dec_pending()
1843 struct crypt_config *cc = io->cc; in crypt_endio() local
1856 crypt_free_buffer_pages(cc, clone); in crypt_endio()
1875 struct crypt_config *cc = io->cc; in kcryptd_io_read() local
1887 clone->bi_iter.bi_sector = cc->start + io->sector; in kcryptd_io_read()
1888 crypt_convert_init(cc, &io->ctx, clone, clone, io->sector); in kcryptd_io_read()
1900 clone = bio_alloc_clone(cc->dev->bdev, io->base_bio, gfp, &cc->bs); in kcryptd_io_read()
1908 clone->bi_iter.bi_sector = cc->start + io->sector; in kcryptd_io_read()
1932 struct crypt_config *cc = io->cc; in kcryptd_queue_read() local
1935 queue_work(cc->io_queue, &io->work); in kcryptd_queue_read()
1949 struct crypt_config *cc = data; in dmcrypt_write() local
1956 spin_lock_irq(&cc->write_thread_lock); in dmcrypt_write()
1959 if (!RB_EMPTY_ROOT(&cc->write_tree)) in dmcrypt_write()
1964 spin_unlock_irq(&cc->write_thread_lock); in dmcrypt_write()
1974 spin_lock_irq(&cc->write_thread_lock); in dmcrypt_write()
1978 write_tree = cc->write_tree; in dmcrypt_write()
1979 cc->write_tree = RB_ROOT; in dmcrypt_write()
1980 spin_unlock_irq(&cc->write_thread_lock); in dmcrypt_write()
2003 struct crypt_config *cc = io->cc; in kcryptd_crypt_write_io_submit() local
2009 crypt_free_buffer_pages(cc, clone); in kcryptd_crypt_write_io_submit()
2018 clone->bi_iter.bi_sector = cc->start + io->sector; in kcryptd_crypt_write_io_submit()
2020 if ((likely(!async) && test_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags)) || in kcryptd_crypt_write_io_submit()
2021 test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags)) { in kcryptd_crypt_write_io_submit()
2026 spin_lock_irqsave(&cc->write_thread_lock, flags); in kcryptd_crypt_write_io_submit()
2027 if (RB_EMPTY_ROOT(&cc->write_tree)) in kcryptd_crypt_write_io_submit()
2028 wake_up_process(cc->write_thread); in kcryptd_crypt_write_io_submit()
2029 rbp = &cc->write_tree.rb_node; in kcryptd_crypt_write_io_submit()
2040 rb_insert_color(&io->rb_node, &cc->write_tree); in kcryptd_crypt_write_io_submit()
2041 spin_unlock_irqrestore(&cc->write_thread_lock, flags); in kcryptd_crypt_write_io_submit()
2044 static bool kcryptd_crypt_write_inline(struct crypt_config *cc, in kcryptd_crypt_write_inline() argument
2048 if (!test_bit(DM_CRYPT_WRITE_INLINE, &cc->flags)) in kcryptd_crypt_write_inline()
2068 struct crypt_config *cc = io->cc; in kcryptd_crypt_write_continue() local
2077 r = crypt_convert(cc, &io->ctx, true, false); in kcryptd_crypt_write_continue()
2081 if (!crypt_finished && kcryptd_crypt_write_inline(cc, ctx)) { in kcryptd_crypt_write_continue()
2098 struct crypt_config *cc = io->cc; in kcryptd_crypt_write_convert() local
2109 crypt_convert_init(cc, ctx, NULL, io->base_bio, sector); in kcryptd_crypt_write_convert()
2120 if (crypt_integrity_aead(cc)) { in kcryptd_crypt_write_convert()
2129 r = crypt_convert(cc, ctx, in kcryptd_crypt_write_convert()
2130 test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags), true); in kcryptd_crypt_write_convert()
2138 queue_work(cc->crypt_queue, &io->work); in kcryptd_crypt_write_convert()
2144 if (!crypt_finished && kcryptd_crypt_write_inline(cc, ctx)) { in kcryptd_crypt_write_convert()
2167 crypt_free_buffer_pages(io->cc, io->ctx.bio_in); in kcryptd_crypt_read_done()
2176 struct crypt_config *cc = io->cc; in kcryptd_crypt_read_continue() local
2182 r = crypt_convert(cc, &io->ctx, true, false); in kcryptd_crypt_read_continue()
2194 struct crypt_config *cc = io->cc; in kcryptd_crypt_read_convert() local
2200 io->ctx.cc_sector = io->sector + cc->iv_offset; in kcryptd_crypt_read_convert()
2201 r = crypt_convert(cc, &io->ctx, in kcryptd_crypt_read_convert()
2202 test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags), true); in kcryptd_crypt_read_convert()
2204 crypt_convert_init(cc, &io->ctx, io->base_bio, io->base_bio, in kcryptd_crypt_read_convert()
2207 r = crypt_convert(cc, &io->ctx, in kcryptd_crypt_read_convert()
2208 test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags), true); in kcryptd_crypt_read_convert()
2216 queue_work(cc->crypt_queue, &io->work); in kcryptd_crypt_read_convert()
2233 struct crypt_config *cc = io->cc; in kcryptd_async_done() local
2245 if (!error && cc->iv_gen_ops && cc->iv_gen_ops->post) in kcryptd_async_done()
2246 error = cc->iv_gen_ops->post(cc, org_iv_of_dmreq(cc, dmreq), dmreq); in kcryptd_async_done()
2249 sector_t s = le64_to_cpu(*org_sector_of_dmreq(cc, dmreq)); in kcryptd_async_done()
2262 crypt_free_req(cc, req_of_dmreq(cc, dmreq), io->base_bio); in kcryptd_async_done()
2276 if (kcryptd_crypt_write_inline(cc, ctx)) { in kcryptd_async_done()
2296 struct crypt_config *cc = io->cc; in kcryptd_queue_crypt() local
2298 if ((bio_data_dir(io->base_bio) == READ && test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags)) || in kcryptd_queue_crypt()
2299 (bio_data_dir(io->base_bio) == WRITE && test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags))) { in kcryptd_queue_crypt()
2312 queue_work(cc->crypt_queue, &io->work); in kcryptd_queue_crypt()
2315 static void crypt_free_tfms_aead(struct crypt_config *cc) in crypt_free_tfms_aead() argument
2317 if (!cc->cipher_tfm.tfms_aead) in crypt_free_tfms_aead()
2320 if (cc->cipher_tfm.tfms_aead[0] && !IS_ERR(cc->cipher_tfm.tfms_aead[0])) { in crypt_free_tfms_aead()
2321 crypto_free_aead(cc->cipher_tfm.tfms_aead[0]); in crypt_free_tfms_aead()
2322 cc->cipher_tfm.tfms_aead[0] = NULL; in crypt_free_tfms_aead()
2325 kfree(cc->cipher_tfm.tfms_aead); in crypt_free_tfms_aead()
2326 cc->cipher_tfm.tfms_aead = NULL; in crypt_free_tfms_aead()
2329 static void crypt_free_tfms_skcipher(struct crypt_config *cc) in crypt_free_tfms_skcipher() argument
2333 if (!cc->cipher_tfm.tfms) in crypt_free_tfms_skcipher()
2336 for (i = 0; i < cc->tfms_count; i++) in crypt_free_tfms_skcipher()
2337 if (cc->cipher_tfm.tfms[i] && !IS_ERR(cc->cipher_tfm.tfms[i])) { in crypt_free_tfms_skcipher()
2338 crypto_free_skcipher(cc->cipher_tfm.tfms[i]); in crypt_free_tfms_skcipher()
2339 cc->cipher_tfm.tfms[i] = NULL; in crypt_free_tfms_skcipher()
2342 kfree(cc->cipher_tfm.tfms); in crypt_free_tfms_skcipher()
2343 cc->cipher_tfm.tfms = NULL; in crypt_free_tfms_skcipher()
2346 static void crypt_free_tfms(struct crypt_config *cc) in crypt_free_tfms() argument
2348 if (crypt_integrity_aead(cc)) in crypt_free_tfms()
2349 crypt_free_tfms_aead(cc); in crypt_free_tfms()
2351 crypt_free_tfms_skcipher(cc); in crypt_free_tfms()
2354 static int crypt_alloc_tfms_skcipher(struct crypt_config *cc, char *ciphermode) in crypt_alloc_tfms_skcipher() argument
2359 cc->cipher_tfm.tfms = kcalloc(cc->tfms_count, in crypt_alloc_tfms_skcipher()
2362 if (!cc->cipher_tfm.tfms) in crypt_alloc_tfms_skcipher()
2365 for (i = 0; i < cc->tfms_count; i++) { in crypt_alloc_tfms_skcipher()
2366 cc->cipher_tfm.tfms[i] = crypto_alloc_skcipher(ciphermode, 0, in crypt_alloc_tfms_skcipher()
2368 if (IS_ERR(cc->cipher_tfm.tfms[i])) { in crypt_alloc_tfms_skcipher()
2369 err = PTR_ERR(cc->cipher_tfm.tfms[i]); in crypt_alloc_tfms_skcipher()
2370 crypt_free_tfms(cc); in crypt_alloc_tfms_skcipher()
2381 crypto_skcipher_alg(any_tfm(cc))->base.cra_driver_name); in crypt_alloc_tfms_skcipher()
2385 static int crypt_alloc_tfms_aead(struct crypt_config *cc, char *ciphermode) in crypt_alloc_tfms_aead() argument
2389 cc->cipher_tfm.tfms = kmalloc(sizeof(struct crypto_aead *), GFP_KERNEL); in crypt_alloc_tfms_aead()
2390 if (!cc->cipher_tfm.tfms) in crypt_alloc_tfms_aead()
2393 cc->cipher_tfm.tfms_aead[0] = crypto_alloc_aead(ciphermode, 0, in crypt_alloc_tfms_aead()
2395 if (IS_ERR(cc->cipher_tfm.tfms_aead[0])) { in crypt_alloc_tfms_aead()
2396 err = PTR_ERR(cc->cipher_tfm.tfms_aead[0]); in crypt_alloc_tfms_aead()
2397 crypt_free_tfms(cc); in crypt_alloc_tfms_aead()
2402 crypto_aead_alg(any_tfm_aead(cc))->base.cra_driver_name); in crypt_alloc_tfms_aead()
2406 static int crypt_alloc_tfms(struct crypt_config *cc, char *ciphermode) in crypt_alloc_tfms() argument
2408 if (crypt_integrity_aead(cc)) in crypt_alloc_tfms()
2409 return crypt_alloc_tfms_aead(cc, ciphermode); in crypt_alloc_tfms()
2411 return crypt_alloc_tfms_skcipher(cc, ciphermode); in crypt_alloc_tfms()
2414 static unsigned int crypt_subkey_size(struct crypt_config *cc) in crypt_subkey_size() argument
2416 return (cc->key_size - cc->key_extra_size) >> ilog2(cc->tfms_count); in crypt_subkey_size()
2419 static unsigned int crypt_authenckey_size(struct crypt_config *cc) in crypt_authenckey_size() argument
2421 return crypt_subkey_size(cc) + RTA_SPACE(sizeof(struct crypto_authenc_key_param)); in crypt_authenckey_size()
2446 static int crypt_setkey(struct crypt_config *cc) in crypt_setkey() argument
2452 subkey_size = crypt_subkey_size(cc); in crypt_setkey()
2454 if (crypt_integrity_hmac(cc)) { in crypt_setkey()
2455 if (subkey_size < cc->key_mac_size) in crypt_setkey()
2458 crypt_copy_authenckey(cc->authenc_key, cc->key, in crypt_setkey()
2459 subkey_size - cc->key_mac_size, in crypt_setkey()
2460 cc->key_mac_size); in crypt_setkey()
2463 for (i = 0; i < cc->tfms_count; i++) { in crypt_setkey()
2464 if (crypt_integrity_hmac(cc)) in crypt_setkey()
2465 r = crypto_aead_setkey(cc->cipher_tfm.tfms_aead[i], in crypt_setkey()
2466 cc->authenc_key, crypt_authenckey_size(cc)); in crypt_setkey()
2467 else if (crypt_integrity_aead(cc)) in crypt_setkey()
2468 r = crypto_aead_setkey(cc->cipher_tfm.tfms_aead[i], in crypt_setkey()
2469 cc->key + (i * subkey_size), in crypt_setkey()
2472 r = crypto_skcipher_setkey(cc->cipher_tfm.tfms[i], in crypt_setkey()
2473 cc->key + (i * subkey_size), in crypt_setkey()
2479 if (crypt_integrity_hmac(cc)) in crypt_setkey()
2480 memzero_explicit(cc->authenc_key, crypt_authenckey_size(cc)); in crypt_setkey()
2495 static int set_key_user(struct crypt_config *cc, struct key *key) in set_key_user() argument
2503 if (cc->key_size != ukp->datalen) in set_key_user()
2506 memcpy(cc->key, ukp->data, cc->key_size); in set_key_user()
2511 static int set_key_encrypted(struct crypt_config *cc, struct key *key) in set_key_encrypted() argument
2519 if (cc->key_size != ekp->decrypted_datalen) in set_key_encrypted()
2522 memcpy(cc->key, ekp->decrypted_data, cc->key_size); in set_key_encrypted()
2527 static int set_key_trusted(struct crypt_config *cc, struct key *key) in set_key_trusted() argument
2535 if (cc->key_size != tkp->key_len) in set_key_trusted()
2538 memcpy(cc->key, tkp->key, cc->key_size); in set_key_trusted()
2543 static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string) in crypt_set_keyring_key() argument
2549 int (*set_key)(struct crypt_config *cc, struct key *key); in crypt_set_keyring_key()
2595 ret = set_key(cc, key); in crypt_set_keyring_key()
2607 clear_bit(DM_CRYPT_KEY_VALID, &cc->flags); in crypt_set_keyring_key()
2609 ret = crypt_setkey(cc); in crypt_set_keyring_key()
2612 set_bit(DM_CRYPT_KEY_VALID, &cc->flags); in crypt_set_keyring_key()
2613 kfree_sensitive(cc->key_string); in crypt_set_keyring_key()
2614 cc->key_string = new_key_string; in crypt_set_keyring_key()
2646 static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string) in crypt_set_keyring_key() argument
2658 static int crypt_set_key(struct crypt_config *cc, char *key) in crypt_set_key() argument
2664 if (!cc->key_size && strcmp(key, "-")) in crypt_set_key()
2669 r = crypt_set_keyring_key(cc, key + 1); in crypt_set_key()
2674 clear_bit(DM_CRYPT_KEY_VALID, &cc->flags); in crypt_set_key()
2677 kfree_sensitive(cc->key_string); in crypt_set_key()
2678 cc->key_string = NULL; in crypt_set_key()
2681 if (cc->key_size && hex2bin(cc->key, key, cc->key_size) < 0) in crypt_set_key()
2684 r = crypt_setkey(cc); in crypt_set_key()
2686 set_bit(DM_CRYPT_KEY_VALID, &cc->flags); in crypt_set_key()
2695 static int crypt_wipe_key(struct crypt_config *cc) in crypt_wipe_key() argument
2699 clear_bit(DM_CRYPT_KEY_VALID, &cc->flags); in crypt_wipe_key()
2700 get_random_bytes(&cc->key, cc->key_size); in crypt_wipe_key()
2703 if (cc->iv_gen_ops && cc->iv_gen_ops->wipe) { in crypt_wipe_key()
2704 r = cc->iv_gen_ops->wipe(cc); in crypt_wipe_key()
2709 kfree_sensitive(cc->key_string); in crypt_wipe_key()
2710 cc->key_string = NULL; in crypt_wipe_key()
2711 r = crypt_setkey(cc); in crypt_wipe_key()
2712 memset(&cc->key, 0, cc->key_size * sizeof(u8)); in crypt_wipe_key()
2732 struct crypt_config *cc = pool_data; in crypt_page_alloc() local
2740 if (unlikely(percpu_counter_read_positive(&cc->n_allocated_pages) >= dm_crypt_pages_per_client) && in crypt_page_alloc()
2746 percpu_counter_add(&cc->n_allocated_pages, 1); in crypt_page_alloc()
2753 struct crypt_config *cc = pool_data; in crypt_page_free() local
2756 percpu_counter_sub(&cc->n_allocated_pages, 1); in crypt_page_free()
2761 struct crypt_config *cc = ti->private; in crypt_dtr() local
2765 if (!cc) in crypt_dtr()
2768 if (cc->write_thread) in crypt_dtr()
2769 kthread_stop(cc->write_thread); in crypt_dtr()
2771 if (cc->io_queue) in crypt_dtr()
2772 destroy_workqueue(cc->io_queue); in crypt_dtr()
2773 if (cc->crypt_queue) in crypt_dtr()
2774 destroy_workqueue(cc->crypt_queue); in crypt_dtr()
2776 crypt_free_tfms(cc); in crypt_dtr()
2778 bioset_exit(&cc->bs); in crypt_dtr()
2780 mempool_exit(&cc->page_pool); in crypt_dtr()
2781 mempool_exit(&cc->req_pool); in crypt_dtr()
2782 mempool_exit(&cc->tag_pool); in crypt_dtr()
2784 WARN_ON(percpu_counter_sum(&cc->n_allocated_pages) != 0); in crypt_dtr()
2785 percpu_counter_destroy(&cc->n_allocated_pages); in crypt_dtr()
2787 if (cc->iv_gen_ops && cc->iv_gen_ops->dtr) in crypt_dtr()
2788 cc->iv_gen_ops->dtr(cc); in crypt_dtr()
2790 if (cc->dev) in crypt_dtr()
2791 dm_put_device(ti, cc->dev); in crypt_dtr()
2793 kfree_sensitive(cc->cipher_string); in crypt_dtr()
2794 kfree_sensitive(cc->key_string); in crypt_dtr()
2795 kfree_sensitive(cc->cipher_auth); in crypt_dtr()
2796 kfree_sensitive(cc->authenc_key); in crypt_dtr()
2798 mutex_destroy(&cc->bio_alloc_lock); in crypt_dtr()
2801 kfree_sensitive(cc); in crypt_dtr()
2814 struct crypt_config *cc = ti->private; in crypt_ctr_ivmode() local
2816 if (crypt_integrity_aead(cc)) in crypt_ctr_ivmode()
2817 cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); in crypt_ctr_ivmode()
2819 cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); in crypt_ctr_ivmode()
2821 if (cc->iv_size) in crypt_ctr_ivmode()
2823 cc->iv_size = max(cc->iv_size, in crypt_ctr_ivmode()
2832 cc->iv_gen_ops = NULL; in crypt_ctr_ivmode()
2834 cc->iv_gen_ops = &crypt_iv_plain_ops; in crypt_ctr_ivmode()
2836 cc->iv_gen_ops = &crypt_iv_plain64_ops; in crypt_ctr_ivmode()
2838 cc->iv_gen_ops = &crypt_iv_plain64be_ops; in crypt_ctr_ivmode()
2840 cc->iv_gen_ops = &crypt_iv_essiv_ops; in crypt_ctr_ivmode()
2842 cc->iv_gen_ops = &crypt_iv_benbi_ops; in crypt_ctr_ivmode()
2844 cc->iv_gen_ops = &crypt_iv_null_ops; in crypt_ctr_ivmode()
2846 cc->iv_gen_ops = &crypt_iv_eboiv_ops; in crypt_ctr_ivmode()
2848 cc->iv_gen_ops = &crypt_iv_elephant_ops; in crypt_ctr_ivmode()
2849 cc->key_parts = 2; in crypt_ctr_ivmode()
2850 cc->key_extra_size = cc->key_size / 2; in crypt_ctr_ivmode()
2851 if (cc->key_extra_size > ELEPHANT_MAX_KEY_SIZE) in crypt_ctr_ivmode()
2853 set_bit(CRYPT_ENCRYPT_PREPROCESS, &cc->cipher_flags); in crypt_ctr_ivmode()
2855 cc->iv_gen_ops = &crypt_iv_lmk_ops; in crypt_ctr_ivmode()
2862 if (cc->key_size % cc->key_parts) { in crypt_ctr_ivmode()
2863 cc->key_parts++; in crypt_ctr_ivmode()
2864 cc->key_extra_size = cc->key_size / cc->key_parts; in crypt_ctr_ivmode()
2867 cc->iv_gen_ops = &crypt_iv_tcw_ops; in crypt_ctr_ivmode()
2868 cc->key_parts += 2; /* IV + whitening */ in crypt_ctr_ivmode()
2869 cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE; in crypt_ctr_ivmode()
2871 cc->iv_gen_ops = &crypt_iv_random_ops; in crypt_ctr_ivmode()
2873 cc->integrity_iv_size = cc->iv_size; in crypt_ctr_ivmode()
2887 static int crypt_ctr_auth_cipher(struct crypt_config *cc, char *cipher_api) in crypt_ctr_auth_cipher() argument
2911 cc->key_mac_size = crypto_ahash_digestsize(mac); in crypt_ctr_auth_cipher()
2914 cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL); in crypt_ctr_auth_cipher()
2915 if (!cc->authenc_key) in crypt_ctr_auth_cipher()
2924 struct crypt_config *cc = ti->private; in crypt_ctr_cipher_new() local
2928 cc->tfms_count = 1; in crypt_ctr_cipher_new()
2952 if (crypt_integrity_aead(cc)) { in crypt_ctr_cipher_new()
2953 ret = crypt_ctr_auth_cipher(cc, cipher_api); in crypt_ctr_cipher_new()
2961 cc->tfms_count = 64; in crypt_ctr_cipher_new()
2977 cc->key_parts = cc->tfms_count; in crypt_ctr_cipher_new()
2980 ret = crypt_alloc_tfms(cc, cipher_api); in crypt_ctr_cipher_new()
2986 if (crypt_integrity_aead(cc)) in crypt_ctr_cipher_new()
2987 cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); in crypt_ctr_cipher_new()
2989 cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); in crypt_ctr_cipher_new()
2997 struct crypt_config *cc = ti->private; in crypt_ctr_cipher_old() local
3003 if (strchr(cipher_in, '(') || crypt_integrity_aead(cc)) { in crypt_ctr_cipher_old()
3017 cc->tfms_count = 1; in crypt_ctr_cipher_old()
3018 else if (sscanf(keycount, "%u%c", &cc->tfms_count, &dummy) != 1 || in crypt_ctr_cipher_old()
3019 !is_power_of_2(cc->tfms_count)) { in crypt_ctr_cipher_old()
3023 cc->key_parts = cc->tfms_count; in crypt_ctr_cipher_old()
3065 ret = crypt_alloc_tfms(cc, cipher_api); in crypt_ctr_cipher_old()
3081 struct crypt_config *cc = ti->private; in crypt_ctr_cipher() local
3085 cc->cipher_string = kstrdup(cipher_in, GFP_KERNEL); in crypt_ctr_cipher()
3086 if (!cc->cipher_string) { in crypt_ctr_cipher()
3104 ret = crypt_set_key(cc, key); in crypt_ctr_cipher()
3111 if (cc->iv_gen_ops && cc->iv_gen_ops->ctr) { in crypt_ctr_cipher()
3112 ret = cc->iv_gen_ops->ctr(cc, ti, ivopts); in crypt_ctr_cipher()
3120 if (cc->iv_gen_ops && cc->iv_gen_ops->init) { in crypt_ctr_cipher()
3121 ret = cc->iv_gen_ops->init(cc); in crypt_ctr_cipher()
3129 if (cc->key_string) in crypt_ctr_cipher()
3130 memset(cc->key, 0, cc->key_size * sizeof(u8)); in crypt_ctr_cipher()
3137 struct crypt_config *cc = ti->private; in crypt_ctr_optional() local
3166 set_bit(DM_CRYPT_SAME_CPU, &cc->flags); in crypt_ctr_optional()
3169 set_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags); in crypt_ctr_optional()
3171 set_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags); in crypt_ctr_optional()
3173 set_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags); in crypt_ctr_optional()
3179 cc->on_disk_tag_size = val; in crypt_ctr_optional()
3182 set_bit(CRYPT_MODE_INTEGRITY_AEAD, &cc->cipher_flags); in crypt_ctr_optional()
3188 cc->cipher_auth = kstrdup(sval, GFP_KERNEL); in crypt_ctr_optional()
3189 if (!cc->cipher_auth) in crypt_ctr_optional()
3191 } else if (sscanf(opt_string, "sector_size:%hu%c", &cc->sector_size, &dummy) == 1) { in crypt_ctr_optional()
3192 if (cc->sector_size < (1 << SECTOR_SHIFT) || in crypt_ctr_optional()
3193 cc->sector_size > 4096 || in crypt_ctr_optional()
3194 (cc->sector_size & (cc->sector_size - 1))) { in crypt_ctr_optional()
3198 if (ti->len & ((cc->sector_size >> SECTOR_SHIFT) - 1)) { in crypt_ctr_optional()
3202 cc->sector_shift = __ffs(cc->sector_size) - SECTOR_SHIFT; in crypt_ctr_optional()
3204 set_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags); in crypt_ctr_optional()
3218 struct crypt_config *cc = ti->private; in crypt_report_zones() local
3220 return dm_report_zones(cc->dev->bdev, cc->start, in crypt_report_zones()
3221 cc->start + dm_target_offset(ti, args->next_sector), in crypt_report_zones()
3234 struct crypt_config *cc; in crypt_ctr() local
3254 cc = kzalloc(struct_size(cc, key, key_size), GFP_KERNEL); in crypt_ctr()
3255 if (!cc) { in crypt_ctr()
3259 cc->key_size = key_size; in crypt_ctr()
3260 cc->sector_size = (1 << SECTOR_SHIFT); in crypt_ctr()
3261 cc->sector_shift = 0; in crypt_ctr()
3263 ti->private = cc; in crypt_ctr()
3270 ret = percpu_counter_init(&cc->n_allocated_pages, 0, GFP_KERNEL); in crypt_ctr()
3285 if (crypt_integrity_aead(cc)) { in crypt_ctr()
3286 cc->dmreq_start = sizeof(struct aead_request); in crypt_ctr()
3287 cc->dmreq_start += crypto_aead_reqsize(any_tfm_aead(cc)); in crypt_ctr()
3288 align_mask = crypto_aead_alignmask(any_tfm_aead(cc)); in crypt_ctr()
3290 cc->dmreq_start = sizeof(struct skcipher_request); in crypt_ctr()
3291 cc->dmreq_start += crypto_skcipher_reqsize(any_tfm(cc)); in crypt_ctr()
3292 align_mask = crypto_skcipher_alignmask(any_tfm(cc)); in crypt_ctr()
3294 cc->dmreq_start = ALIGN(cc->dmreq_start, __alignof__(struct dm_crypt_request)); in crypt_ctr()
3298 iv_size_padding = -(cc->dmreq_start + sizeof(struct dm_crypt_request)) in crypt_ctr()
3311 iv_size_padding + cc->iv_size + in crypt_ctr()
3312 cc->iv_size + in crypt_ctr()
3316 ret = mempool_init_kmalloc_pool(&cc->req_pool, MIN_IOS, cc->dmreq_start + additional_req_size); in crypt_ctr()
3322 cc->per_bio_data_size = ti->per_io_data_size = in crypt_ctr()
3323 ALIGN(sizeof(struct dm_crypt_io) + cc->dmreq_start + additional_req_size, in crypt_ctr()
3326 ret = mempool_init(&cc->page_pool, BIO_MAX_VECS, crypt_page_alloc, crypt_page_free, cc); in crypt_ctr()
3332 ret = bioset_init(&cc->bs, MIN_IOS, 0, BIOSET_NEED_BVECS); in crypt_ctr()
3338 mutex_init(&cc->bio_alloc_lock); in crypt_ctr()
3342 (tmpll & ((cc->sector_size >> SECTOR_SHIFT) - 1))) { in crypt_ctr()
3346 cc->iv_offset = tmpll; in crypt_ctr()
3348 ret = dm_get_device(ti, argv[3], dm_table_get_mode(ti->table), &cc->dev); in crypt_ctr()
3359 cc->start = tmpll; in crypt_ctr()
3361 if (bdev_is_zoned(cc->dev->bdev)) { in crypt_ctr()
3367 set_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags); in crypt_ctr()
3368 set_bit(DM_CRYPT_WRITE_INLINE, &cc->flags); in crypt_ctr()
3385 if (crypt_integrity_aead(cc) || cc->integrity_iv_size) { in crypt_ctr()
3386 ret = crypt_integrity_ctr(cc, ti); in crypt_ctr()
3390 cc->tag_pool_max_sectors = POOL_ENTRY_SIZE / cc->on_disk_tag_size; in crypt_ctr()
3391 if (!cc->tag_pool_max_sectors) in crypt_ctr()
3392 cc->tag_pool_max_sectors = 1; in crypt_ctr()
3394 ret = mempool_init_kmalloc_pool(&cc->tag_pool, MIN_IOS, in crypt_ctr()
3395 cc->tag_pool_max_sectors * cc->on_disk_tag_size); in crypt_ctr()
3401 cc->tag_pool_max_sectors <<= cc->sector_shift; in crypt_ctr()
3405 cc->io_queue = alloc_workqueue("kcryptd_io/%s", WQ_MEM_RECLAIM, 1, devname); in crypt_ctr()
3406 if (!cc->io_queue) { in crypt_ctr()
3411 if (test_bit(DM_CRYPT_SAME_CPU, &cc->flags)) in crypt_ctr()
3412 cc->crypt_queue = alloc_workqueue("kcryptd/%s", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM, in crypt_ctr()
3415 cc->crypt_queue = alloc_workqueue("kcryptd/%s", in crypt_ctr()
3418 if (!cc->crypt_queue) { in crypt_ctr()
3423 spin_lock_init(&cc->write_thread_lock); in crypt_ctr()
3424 cc->write_tree = RB_ROOT; in crypt_ctr()
3426 cc->write_thread = kthread_run(dmcrypt_write, cc, "dmcrypt_write/%s", devname); in crypt_ctr()
3427 if (IS_ERR(cc->write_thread)) { in crypt_ctr()
3428 ret = PTR_ERR(cc->write_thread); in crypt_ctr()
3429 cc->write_thread = NULL; in crypt_ctr()
3450 struct crypt_config *cc = ti->private; in crypt_map() local
3459 bio_set_dev(bio, cc->dev->bdev); in crypt_map()
3461 bio->bi_iter.bi_sector = cc->start + in crypt_map()
3470 (bio_data_dir(bio) == WRITE || cc->on_disk_tag_size)) in crypt_map()
3477 if (unlikely((bio->bi_iter.bi_sector & ((cc->sector_size >> SECTOR_SHIFT) - 1)) != 0)) in crypt_map()
3480 if (unlikely(bio->bi_iter.bi_size & (cc->sector_size - 1))) in crypt_map()
3483 io = dm_per_bio_data(bio, cc->per_bio_data_size); in crypt_map()
3484 crypt_io_init(io, cc, bio, dm_target_offset(ti, bio->bi_iter.bi_sector)); in crypt_map()
3486 if (cc->on_disk_tag_size) { in crypt_map()
3487 unsigned int tag_len = cc->on_disk_tag_size * (bio_sectors(bio) >> cc->sector_shift); in crypt_map()
3495 if (bio_sectors(bio) > cc->tag_pool_max_sectors) in crypt_map()
3496 dm_accept_partial_bio(bio, cc->tag_pool_max_sectors); in crypt_map()
3497 io->integrity_metadata = mempool_alloc(&cc->tag_pool, GFP_NOIO); in crypt_map()
3502 if (crypt_integrity_aead(cc)) in crypt_map()
3524 struct crypt_config *cc = ti->private; in crypt_status() local
3534 DMEMIT("%s ", cc->cipher_string); in crypt_status()
3536 if (cc->key_size > 0) { in crypt_status()
3537 if (cc->key_string) in crypt_status()
3538 DMEMIT(":%u:%s", cc->key_size, cc->key_string); in crypt_status()
3540 for (i = 0; i < cc->key_size; i++) { in crypt_status()
3541 DMEMIT("%c%c", hex2asc(cc->key[i] >> 4), in crypt_status()
3542 hex2asc(cc->key[i] & 0xf)); in crypt_status()
3548 DMEMIT(" %llu %s %llu", (unsigned long long)cc->iv_offset, in crypt_status()
3549 cc->dev->name, (unsigned long long)cc->start); in crypt_status()
3552 num_feature_args += test_bit(DM_CRYPT_SAME_CPU, &cc->flags); in crypt_status()
3553 num_feature_args += test_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags); in crypt_status()
3554 num_feature_args += test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags); in crypt_status()
3555 num_feature_args += test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags); in crypt_status()
3556 num_feature_args += cc->sector_size != (1 << SECTOR_SHIFT); in crypt_status()
3557 num_feature_args += test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags); in crypt_status()
3558 if (cc->on_disk_tag_size) in crypt_status()
3564 if (test_bit(DM_CRYPT_SAME_CPU, &cc->flags)) in crypt_status()
3566 if (test_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags)) in crypt_status()
3568 if (test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags)) in crypt_status()
3570 if (test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags)) in crypt_status()
3572 if (cc->on_disk_tag_size) in crypt_status()
3573 DMEMIT(" integrity:%u:%s", cc->on_disk_tag_size, cc->cipher_auth); in crypt_status()
3574 if (cc->sector_size != (1 << SECTOR_SHIFT)) in crypt_status()
3575 DMEMIT(" sector_size:%d", cc->sector_size); in crypt_status()
3576 if (test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags)) in crypt_status()
3584 DMEMIT(",same_cpu_crypt=%c", test_bit(DM_CRYPT_SAME_CPU, &cc->flags) ? 'y' : 'n'); in crypt_status()
3585 DMEMIT(",submit_from_crypt_cpus=%c", test_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags) ? in crypt_status()
3587 DMEMIT(",no_read_workqueue=%c", test_bit(DM_CRYPT_NO_READ_WORKQUEUE, &cc->flags) ? in crypt_status()
3589 DMEMIT(",no_write_workqueue=%c", test_bit(DM_CRYPT_NO_WRITE_WORKQUEUE, &cc->flags) ? in crypt_status()
3591 DMEMIT(",iv_large_sectors=%c", test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags) ? in crypt_status()
3594 if (cc->on_disk_tag_size) in crypt_status()
3596 cc->on_disk_tag_size, cc->cipher_auth); in crypt_status()
3597 if (cc->sector_size != (1 << SECTOR_SHIFT)) in crypt_status()
3598 DMEMIT(",sector_size=%d", cc->sector_size); in crypt_status()
3599 if (cc->cipher_string) in crypt_status()
3600 DMEMIT(",cipher_string=%s", cc->cipher_string); in crypt_status()
3602 DMEMIT(",key_size=%u", cc->key_size); in crypt_status()
3603 DMEMIT(",key_parts=%u", cc->key_parts); in crypt_status()
3604 DMEMIT(",key_extra_size=%u", cc->key_extra_size); in crypt_status()
3605 DMEMIT(",key_mac_size=%u", cc->key_mac_size); in crypt_status()
3613 struct crypt_config *cc = ti->private; in crypt_postsuspend() local
3615 set_bit(DM_CRYPT_SUSPENDED, &cc->flags); in crypt_postsuspend()
3620 struct crypt_config *cc = ti->private; in crypt_preresume() local
3622 if (!test_bit(DM_CRYPT_KEY_VALID, &cc->flags)) { in crypt_preresume()
3632 struct crypt_config *cc = ti->private; in crypt_resume() local
3634 clear_bit(DM_CRYPT_SUSPENDED, &cc->flags); in crypt_resume()
3644 struct crypt_config *cc = ti->private; in crypt_message() local
3651 if (!test_bit(DM_CRYPT_SUSPENDED, &cc->flags)) { in crypt_message()
3658 if (key_size < 0 || cc->key_size != key_size) { in crypt_message()
3663 ret = crypt_set_key(cc, argv[2]); in crypt_message()
3666 if (cc->iv_gen_ops && cc->iv_gen_ops->init) in crypt_message()
3667 ret = cc->iv_gen_ops->init(cc); in crypt_message()
3669 if (cc->key_string) in crypt_message()
3670 memset(cc->key, 0, cc->key_size * sizeof(u8)); in crypt_message()
3674 return crypt_wipe_key(cc); in crypt_message()
3685 struct crypt_config *cc = ti->private; in crypt_iterate_devices() local
3687 return fn(ti, cc->dev, cc->start, ti->len, data); in crypt_iterate_devices()
3692 struct crypt_config *cc = ti->private; in crypt_io_hints() local
3703 max_t(unsigned int, limits->logical_block_size, cc->sector_size); in crypt_io_hints()
3705 max_t(unsigned int, limits->physical_block_size, cc->sector_size); in crypt_io_hints()
3706 limits->io_min = max_t(unsigned int, limits->io_min, cc->sector_size); in crypt_io_hints()